Trend Micro HouseCall ActiveX Control "notifyOnLoadNative()" Vulnerability - Secunia Advisory:SA31583

Secunia Research has discovered a vulnerability in Trend Micro HouseCall, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error in the HouseCall ActiveX control (Housecall_ActiveX.dll). This can be exploited to dereference previously freed memory by tricking the user into opening a web page containing a specially crafted "notifyOnLoadNative()" callback function.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in versions and Other versions may also be affected.

Trend Flex Security オンラインスキャンでは Housecall_ActiveX.dll はインストールされないみたい。
# TmHcmsX Control インストール後検索してもみつからず。

TrendSecure HouseCall Free Scanで "Browser plug-in" Installing and using the HouseCall kernel を利用した場合は要確認か。
# Housecall_ActiveX.dll を検索すると Trend Micro ActiveX Scan Agent 6.6 がリストアップされる。